<?php


session_start(); // Starts the session.
$PHPSESSID = @$_SESSION['PHPSESSID'];

// Set global object with config and functions
require_once ('class_includes.php');

// It is advisable to set $perform_output_cleanup to false when running live
// Providing a clean formatted HTML output is useful when debugging etc.
$perform_output_cleanup = false;

if (isset($_GET['type'])){
    $perform_output_cleanup = false;
}



if (isset($_GET['view'])){
    if (@$_GET['view'] == "display_image_thumb" || @$_GET['view'] == "display_image_full"){
        $perform_output_cleanup = false;
    }
} 
if($perform_output_cleanup){
    //Start buffering output so we can clean up code
    //ini_set('memory_limit', '128M');
    ob_start("clean_html_code",100000000);
}

//check if buffered content is required
if(@$usebufferedcontent == null){
    $usebufferedcontent = false;
}
//check if page furniture is to be shown (e.g. set to FALSE to images)
if(@is_null($bDoNotDisplayFurniture)){
    $bDoNotDisplayFurniture = false;
}

//get page view
if($_GET['view'] ==  null){
    //should not occur.
    $page_view = "";
} else {
    $page_view = $_GET['view'];
}


//Create global configuration object
$PACTS_cfg = new PactsCfg();
$PACTS_cfg->init(false,$usebufferedcontent,$bIgnoreSQLerrors);

//pick up any messages from previous screen
if(!is_null(@$_GET['URLmessage'])) {
    $PACTS_cfg->URLmessage=@$_GET['URLmessage'];
} else {
    //	$PACTS_cfg->URLmessage="";
}



$aUser_ = mysql_query("SELECT *  FROM ".$PACTS_cfg->userstablename." WHERE username = '".@$_SESSION['username']."'",$PACTS_cfg->dblink);
$aUser = mysql_fetch_array($aUser_, MYSQL_ASSOC);;


////////////////////////////////////////////
//Check login status
////////////////////////////////////////////


  //////////////////////////
    //Check session for expiry time
      if (isset ($aUser['LastLoginTMS'])){
        $LastLogin = strtotime($aUser['LastLoginTMS']);
        //echo $LastLogin."<p>";
        $current = time();

        //echo $current."<p>";
        $timediff = $current-$LastLogin;
        //echo $timediff; //in seconds
if ($timediff > $PACTS_cfg->session_timeout_seconds){
    $_SESSION['logged']=0;
}
    }

if ((@$_SESSION['logged'] != 1) ) {
    //// There was no session found!
    // Set referring page (or last action) in cookie so that it can be re-used

    $ReferringURL = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
    setcookie("ReferringPage", $ReferringURL, time()+3600);  /* expire in 1 hour */
    setcookie("ReferringPostData", serialize($_POST), time()+3600);  /* expire in 1 hour */

    // force user to the login page
    header("Location: login.php");
    exit(); // Stops the rest of the script.
} 



////////////////////////////////////////////
// Set global login details
////////////////////////////////////////////

$PACTS_cfg->setuser($_SESSION['username'],$aUser['Group']);

////////////////////////////////////////////
//Set repost data (from previous page)
////////////////////////////////////////////

if (@$_COOKIE['ReferringPostData'] != null){
    $Postdata = @unserialize($_COOKIE['ReferringPostData']);
    $_POST=$Postdata;
    setcookie("ReferringPostData", "", time()-1);  /* expire in 1 hour */
}

////////////////////////////////////////////
// Start the prosessing time for the page
////////////////////////////////////////////
$PACTS_cfg->startpageload = $PACTS_cfg->utime();

////////////////////////////////////////////
//Only display furniture if set
//This is used for some pages that change the page headers after load ( ie. image displaying)
////////////////////////////////////////////

$PACTS_cfg->addBufferedContent( $PACTS_cfg->html_header() );
$PACTS_cfg->addBufferedContent( '<div id="page">' );
$PACTS_cfg->addBufferedContent( $PACTS_cfg->start_header_div() );
$PACTS_cfg->addBufferedContent( $PACTS_cfg->start_page_header() );
$PACTS_cfg->addBufferedContent( $PACTS_cfg->start_div_main());

if (!$bDoNotDisplayFurniture){
    //Process Page...
    echo $PACTS_cfg->getBufferedContent();
}

/////////////////////////
// Include page content
/////////////////////////

//Check that page exists, if not, then display custom 404 page
// All page content should exist in the _content directory.

if (!strpos(strtolower(" ".$page_view),"help")>=0 && strpos(strtolower(" ".$page_view),"help")>0){
    $page_folder = 'Help/';
} else {
    $page_folder = '_content/';
}

$page_view_actual = $page_folder.$page_view.'.php';

//echo "page view = ".$page_view."<br>";
//echo "page_view_actual = ".$page_view_actual."<br>";

if (file_exists($page_view_actual))
{
    //    echo "<h1>Page exists!!!!</h1><br>";
    include(substr($_SERVER['SCRIPT_FILENAME'], 0, strrpos($_SERVER['SCRIPT_FILENAME'],"/")+1).$page_view_actual);
} else {
    echo $PACTS_cfg->getBufferedContent();
    $URLMessage = $page_view;
    include(substr($_SERVER['SCRIPT_FILENAME'], 0, strrpos($_SERVER['SCRIPT_FILENAME'],"/")+1).$PACTS_cfg->page_view_404);
    $bDoNotDisplayFurniture = FALSE;

}

////////////////////////////////////////////
// Close off page
////////////////////////////////////////////

if (!$bDoNotDisplayFurniture){
    echo $PACTS_cfg->end_div_main();
    echo $PACTS_cfg->end_html();
    //output buffer
    if ($perform_output_cleanup){
        ob_end_flush();
    }
}

?>







<?php
///////////////////////////////
// MASTER TO DO LIST
///////////////////////////////

///////
// TODO Export function
// - add EXPORT function for Indv/Fmy tables. (use phpMyEdit)


///////
// TODO Change PDF creation to use  fpdf

///////
// TODO PACTS Installer
//  - installer script for all table creation
//        -- use *.sql files for SQL
//  - installer script for reference tables
//        -- use CSV files for ref data
//  - adds default configuration data (???) should this be in the database somewhere ? not in PACTS_config

//////
// TODO add Check SQL configuation
//   - check all tables are present
//   - add as required


///////
// TODO add user screens
//  - View User
//              fields : username, enabled, email, role,  num of logins, num of edits, last login date
//              buttons : EDIT. DELETE, DISABLE
//  - Edit User
//  -           fields : [username], email, [role : dropdown], password [twice], [enabled : checkbox]
//  - Add User
//  -           fields : username, email, [role : dropdown], password [twice], [enabled : checkbox]
//
// Set group permissions - Administrator, Editor, Readonly
//

///////
// TODO add configuration screens
//  - Edit Configuration (use phpMyEdit)
//
// Set group permissions - Administrator, Editor, Readonly
//

// TODO remove all PHPSESSID url parameters

?>